<?php
/*
	This script allow or deny the access to the control panel
*/
extract($_POST);
session_start();
include_once("../php_clases/db_main.php");
$objectSql = new dbm_DataBaseManager;
$postData = count($_POST);
foreach($_POST as $val)
{
	if (ctype_alnum($val))
	{
		$arrOk[] = "permited";
	}
}
if($postData == count($arrOk))
{
	$sqlSelect = "SELECT * FROM users WHERE user='$user'";
	if($result = $objectSql->querySQL($sqlSelect)!=0)
	{
		foreach(json_decode($resQuery = $objectSql->selectSQL($sqlSelect)) as $value)
		{
			$registredUser = $value->user;
			$registredPasswd = $value->passwd;
		}
		if($registredUser==$user && $registredPasswd==$passwd)
		{
			//sesion vars
			$_SESSION['autentifed'] = "yes";
			$_SESSION['lastAccess'] = date("Y-n-j H:i:s");
			$_SESSION['user'] = $registredUser;
			echo "ok";
		}
	}
	else
	{
		echo "no data";
	}
}
else
{
	echo "no data";
}
?>